add cap_net_bind_service to systemd unit
this allows running on port 80 as non privileged user.
This commit is contained in:
parent
f6867e7666
commit
4450ce7f8a
|
@ -7,6 +7,8 @@ StartLimitInterval=0
|
||||||
[Service]
|
[Service]
|
||||||
User=_loki
|
User=_loki
|
||||||
Type=simple
|
Type=simple
|
||||||
|
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||||||
|
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||||
ExecStart=/usr/bin/session-open-group-server
|
ExecStart=/usr/bin/session-open-group-server
|
||||||
WorkingDirectory=/var/lib/session-open-group-server
|
WorkingDirectory=/var/lib/session-open-group-server
|
||||||
Restart=on-failure
|
Restart=on-failure
|
||||||
|
|
Loading…
Reference in New Issue